<%#
 Copyright 2013-2019 the original author or authors from the JHipster project.

 This file is part of the JHipster project, see https://www.jhipster.tech/
 for more information.

 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
-%>
# ===================================================================
# Spring Boot configuration for the "prod" profile.
#
# This configuration overrides the application.yml file.
#
# More information on profiles: https://www.jhipster.tech/profiles/
# More information on configuration properties: https://www.jhipster.tech/common-application-properties/
# ===================================================================

# ===================================================================
# Standard Spring Boot properties.
# Full reference is available at:
# http://docs.spring.io/spring-boot/docs/current/reference/html/common-application-properties.html
# ===================================================================

logging:
    level:
        ROOT: INFO
        <%=packageName%>: INFO
        io.github.jhipster: INFO
<%_ if (serviceDiscoveryType === 'eureka') { _%>

eureka:
    instance:
        prefer-ip-address: true
    client:
        service-url:
            defaultZone: http://admin:${jhipster.registry.password}@localhost:8761/eureka/
<%_ } _%>

management:
    metrics:
        export:
            prometheus:
                enabled: false

spring:
    devtools:
        restart:
            enabled: false
        livereload:
            enabled: false
    <%_ if (messageBroker === 'kafka' || serviceDiscoveryType === 'consul') { _%>
    cloud:
        <%_ if (serviceDiscoveryType === 'consul') { _%>
        consul:
            discovery:
               prefer-ip-address: true
            host: localhost
            port: 8500
        <%_ } _%>
        <%_ if (messageBroker === 'kafka') { _%>
        stream:
            kafka:
                binder:
                    brokers: localhost
                    zk-nodes: localhost
            bindings:
                output:
                    destination: topic-jhipster
        <%_ } _%>
    <%_ } _%>
    <%_ if (databaseType === 'sql') { _%>
    datasource:
        type: com.zaxxer.hikari.HikariDataSource
        <%_ if (prodDatabaseType === 'mysql') { _%>
        url: jdbc:mysql://localhost:3306/<%= baseName %>?useUnicode=true&characterEncoding=utf8&useSSL=false&useLegacyDatetimeCode=false&serverTimezone=UTC
        username: root
        password:
        <%_ } else if (prodDatabaseType === 'mariadb') { _%>
        url: jdbc:mariadb://localhost:3306/<%= baseName %>?useLegacyDatetimeCode=false&serverTimezone=UTC
        username: root
        password:
        <%_ } else if (prodDatabaseType === 'postgresql') { _%>
        url: jdbc:postgresql://localhost:5432/<%= baseName %>
        username: <%= baseName %>
        password:
        <%_ } else if (prodDatabaseType === 'mssql') { _%>
        url: jdbc:sqlserver://localhost:1433;database=<%= baseName %>
        username: SA
        password: yourStrong(!)Password
        <%_ } else if (prodDatabaseType === 'oracle') { _%>
        url: jdbc:oracle:thin:@localhost:1521:xe
        username: system
        password: oracle
        <%_ } _%>
        hikari:
            poolName: Hikari
            auto-commit: false
        <%_ if (prodDatabaseType === 'mysql' || prodDatabaseType === 'mariadb' || prodDatabaseType === 'mssql') { _%>
            data-source-properties:
                cachePrepStmts: true
                prepStmtCacheSize: 250
                prepStmtCacheSqlLimit: 2048
                useServerPrepStmts: true
        <%_ } _%>
    jpa:
        <%_ if (prodDatabaseType === 'mysql' || prodDatabaseType === 'mariadb') { _%>
        database-platform: org.hibernate.dialect.MySQL5InnoDBDialect
        <%_ } else if (prodDatabaseType === 'postgresql') { _%>
        database-platform: io.github.jhipster.domain.util.FixedPostgreSQL95Dialect
        <%_ } else if (prodDatabaseType === 'oracle') { _%>
        database-platform: org.hibernate.dialect.Oracle12cDialect
        <%_ } else if (prodDatabaseType === 'mssql') { _%>
        database-platform: org.hibernate.dialect.SQLServer2012Dialect
        <%_ } else { _%>
        database-platform: org.hibernate.dialect.HSQLDialect
        <%_ } _%>
        <%_ if (prodDatabaseType === 'mysql' || prodDatabaseType === 'mariadb') { _%>
        database: MYSQL
        <%_ } else if (prodDatabaseType === 'postgresql') { _%>
        database: POSTGRESQL
        <%_ } else if (prodDatabaseType === 'oracle') { _%>
        database: ORACLE
        <%_ } else if (prodDatabaseType === 'mssql') { _%>
        database: SQL_SERVER
        <%_ } else { _%>
        database: HSQL
        <%_ } _%>
        show-sql: false
        properties:
            hibernate.id.new_generator_mappings: true
            hibernate.connection.provider_disables_autocommit: true
            hibernate.cache.use_second_level_cache: <% if (enableHibernateCache) { %>true<% } else { %>false<% } %>
            hibernate.cache.use_query_cache: false
            hibernate.generate_statistics: false
            <%_ if (enableHibernateCache) { _%>
                <%_ if (cacheProvider === 'hazelcast') { _%>
            hibernate.cache.region.factory_class: com.hazelcast.hibernate.HazelcastCacheRegionFactory
            hibernate.cache.hazelcast.instance_name: <%= baseName %>
                <%_ } else if (cacheProvider === 'infinispan') { _%>
            hibernate.cache.region.factory_class: <%=packageName%>.config.CacheFactoryConfiguration
            hibernate.cache.inifinispan.statistics: false
            hibernate.cache.use_minimal_puts: true
            hibernate.cache.infinispan.entity.expiration.lifespan: 3600000
            hibernate.cache.infinispan.entity.memory.size: 1000
            hibernate.cache.infinispan.jgroups_cfg: default-configs/default-jgroups-tcp.xml
                <%_ } _%>
                <%_ if (cacheProvider === 'hazelcast') { _%>
            hibernate.cache.use_minimal_puts: true
            hibernate.cache.hazelcast.use_lite_member: true
                <%_ } _%>
            <%_ } _%>
    <%_ } _%>
    <%_ if (databaseType === 'mongodb' || databaseType === 'cassandra' || searchEngine === 'elasticsearch') { _%>
    data:
    <%_ } _%>
    <%_ if (databaseType === 'mongodb') { _%>
        mongodb:
            uri: mongodb://localhost:27017<% if (reactive) { %>/?waitQueueMultiple=1000<% } %>
            database: <%= baseName %>
    <%_ } _%>
    <%_ if (databaseType === 'cassandra') { _%>
        cassandra:
            contactPoints: localhost
            protocolVersion: V4
            compression: LZ4
            keyspaceName: <%= baseName %>
    <%_ } _%>
    <%_ if (searchEngine === 'elasticsearch') { _%>
        jest:
            uri: http://localhost:9200
    # see https://docs.spring.io/spring-boot/docs/current/reference/html/boot-features-nosql.html#boot-features-connecting-to-elasticsearch-jest
    elasticsearch:
        rest:
            uris: http://localhost:9200
    <%_ } _%>
    <%_ if (databaseType === 'couchbase') { _%>
    couchbase:
        bootstrap-hosts: localhost
        bucket:
            name: <%= baseName %>
            password: password
    <%_ } _%>
    <%_ if (databaseType === 'sql') { _%>
    # Replace by 'prod, faker' to add the faker context and have sample data loaded in production
    liquibase:
        contexts: prod
    <%_ } _%>
    mail:
        host: localhost
        port: 25
        username:
        password:
    thymeleaf:
        cache: true
<%_ if (serviceDiscoveryType || applicationType === 'gateway' || applicationType === 'microservice' || applicationType === 'uaa') { _%>
    sleuth:
        sampler:
            probability: 1 # report 100% of traces
    zipkin: # Use the "zipkin" Maven profile to have the Spring Cloud Zipkin dependencies
        base-url: http://localhost:9411
        enabled: false
        locator:
            discovery:
                enabled: true
<%_ } _%>

# ===================================================================
# To enable TLS in production, generate a certificate using:
# keytool -genkey -alias <%= baseName.toLowerCase() %> -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore keystore.p12 -validity 3650
#
# You can also use Let's Encrypt:
# https://maximilian-boehm.com/hp2121/Create-a-Java-Keystore-JKS-from-Let-s-Encrypt-Certificates.htm
#
# Then, modify the server.ssl properties so your "server" configuration looks like:
#
# server:
#    port: 443
#    ssl:
#        key-store: classpath:config/tls/keystore.p12
#        key-store-password: password
#        key-store-type: PKCS12
#        key-alias: <%= baseName.toLowerCase() %>
#        # The ciphers suite enforce the security by deactivating some old and deprecated SSL cipher, this list was tested against SSL Labs (https://www.ssllabs.com/ssltest/)
#        ciphers: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 ,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 ,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
# ===================================================================
server:
    port: <%= serverPort %>
    compression:
        enabled: true
        mime-types: text/html,text/xml,text/plain,text/css, application/javascript, application/json
        min-response-size: 1024

# ===================================================================
# JHipster specific properties
#
# Full reference is available at: https://www.jhipster.tech/common-application-properties/
# ===================================================================

jhipster:
    <%_ if (applicationType === 'gateway') { _%>
    gateway:
        rate-limiting:
            enabled: false
        authorized-microservices-endpoints: # Access Control Policy, if left empty for a route, all endpoints will be accessible
            app1: /api # recommended prod configuration
    <%_ } _%>
    http:
        cache: # Used by the CachingHttpHeadersFilter
            timeToLiveInDays: 1461
    <%_ if (cacheProvider !== 'no') { _%>
    cache: # Cache configuration
        <%_ if (cacheProvider === 'hazelcast') { _%>
        hazelcast: # Hazelcast distributed cache
            time-to-live-seconds: 3600
            backup-count: 1
            management-center: # Full reference is available at: http://docs.hazelcast.org/docs/management-center/3.9/manual/html/Deploying_and_Starting.html
                enabled: false
                update-interval: 3
                url:
        <%_ } _%>
        <%_ if (cacheProvider === 'ehcache') { _%>
        ehcache: # Ehcache configuration
            time-to-live-seconds: 3600 # By default objects stay 1 hour in the cache
            max-entries: 1000 # Number of objects in each cache entry
        <%_ } _%>
        <%_ if (cacheProvider === 'infinispan') { _%>
        infinispan:
            config-file: default-configs/default-jgroups-tcp.xml
            statsEnabled: true
            # local app cache
            local:
                time-to-live-seconds: 60 # By default objects stay 1 hour (in minutes) in the cache
                max-entries: 1000 # Number of objects in each cache entry
            # distributed app cache
            distributed:
                time-to-live-seconds: 60 # By default objects stay 1 hour (in minutes) in the cache
                max-entries: 1000 # Number of objects in each cache entry
                instance-count: 2
            # replicated app cache
            replicated:
                time-to-live-seconds: 60 # By default objects stay 1 hour (in minutes) in the cache
                max-entries: 1000 # Number of objects in each cache entry
        <%_ } _%>
        <%_ if (cacheProvider === 'memcached') { _%>
        memcached:
            enabled: true
            servers: localhost:11211
            expiration: 300
            use-binary-protocol: true
        <%_ } _%>
    <%_ } _%>
    <%_ if (authenticationType === 'jwt') { _%>
    security:
        authentication:
            jwt:
                # This token must be encoded using Base64 and be at least 256 bits long (you can type `openssl rand -base64 64` on your command line to generate a 512 bits one)
                # As this is the PRODUCTION configuration, you MUST change the default key, and store it securely:
                # - In the JHipster Registry (which includes a Spring Cloud Config server)
                # - In a separate `application-prod.yml` file, in the same folder as your executable JAR file
                # - In the `JHIPSTER_SECURITY_AUTHENTICATION_JWT_BASE64_SECRET` environment variable
                base64-secret: <%= jwtSecretKey %>
                # Token is valid 24 hours
                token-validity-in-seconds: 86400
                token-validity-in-seconds-for-remember-me: 2592000
    <%_ } _%>
    <%_ if ((applicationType === 'microservice' || applicationType === 'gateway' || applicationType === 'uaa') && authenticationType === 'uaa') { _%>
    security:
        client-authorization:
            <%_ if (applicationType !== 'uaa') { _%>
            access-token-uri: http://<%= uaaBaseName.toLowerCase() %>/oauth/token
            token-service-id: <%= uaaBaseName.toLowerCase() %>
            <%_ } _%>
            client-id: internal
            client-secret: internal
    <%_ } _%>
    <%_ if (applicationType == 'uaa') { _%>
        authentication:
            jwt:
                # Access Token is valid for 5 mins
                token-validity-in-seconds: 300
                # Refresh Token is valid for 7 days
                token-validity-in-seconds-for-remember-me: 252000
    <%_ } _%>
<%_ if (authenticationType === 'session' && !reactive) { _%>
    security:
        remember-me:
            # security key (this key should be unique for your application, and kept secret)
            key: <%= rememberMeKey %>
<%_ } _%>
    mail: # specific JHipster mail property, for standard properties see MailProperties
        from: <%= baseName %>@localhost
        base-url: http://my-server-url-to-change # Modify according to your server's URL
    metrics:
        logs: # Reports metrics in the logs
            enabled: false
            report-frequency: 60 # in seconds
    logging:
        use-json-format: false # By default, logs are not in Json format
        logstash: # Forward logs to logstash over a socket, used by LoggingConfiguration
            enabled: false
            host: localhost
            port: 5000
            queue-size: 512
<%_ if (applicationType === 'uaa') { _%>
uaa:
    #be sure to to change to a different keystore in production!
    #create one using: keytool -genkey -alias <%= baseName.toLowerCase() %> -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore keystore.p12 -validity 3650
    key-store:
        name: config/tls/keystore.p12
        password: password
        alias: selfsigned
    web-client-configuration:
        # Access Token is valid for 5 mins
        access-token-validity-in-seconds: 300
        # Refresh Token is valid for 7 days
        refresh-token-validity-in-seconds-for-remember-me: 604800
        #change client secret in production, keep in sync with gateway configuration
        client-id: web_app
        secret: changeit
<%_ } else if ((applicationType === 'microservice' || applicationType === 'gateway' || applicationType === 'uaa') && authenticationType === 'uaa') { _%>
oauth2:
    signature-verification:
        public-key-endpoint-uri: http://<%= uaaBaseName.toLowerCase() %>/oauth/token_key
        #ttl for public keys to verify JWT tokens (in ms)
        ttl: 3600000
        #max. rate at which public keys will be fetched (in ms)
        public-key-refresh-rate-limit: 10000
    web-client-configuration:
        #change client secret in production, keep in sync with UAA configuration
        client-id: web_app
        secret: changeit
    <%_ if (applicationType === 'gateway') { _%>
        # Controls session expiration due to inactivity (ignored for remember-me).
        # Negative values disable session inactivity expiration.
        session-timeout-in-seconds: 1800
    <%_ } _%>
<%_ } _%>

# ===================================================================
# Application specific properties
# Add your own application properties here, see the ApplicationProperties class
# to have type-safe configuration, like in the JHipsterProperties above
#
# More documentation is available at:
# https://www.jhipster.tech/common-application-properties/
# ===================================================================

# application:
